CN107864162B - fusion gateway dual system and communication safety protection method thereof - Google Patents
fusion gateway dual system and communication safety protection method thereof Download PDFInfo
- Publication number
- CN107864162B CN107864162B CN201711406232.7A CN201711406232A CN107864162B CN 107864162 B CN107864162 B CN 107864162B CN 201711406232 A CN201711406232 A CN 201711406232A CN 107864162 B CN107864162 B CN 107864162B
- Authority
- CN
- China
- Prior art keywords
- gateway
- mac address
- top box
- message
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
Abstract
the invention discloses a fusion gateway dual system and a communication safety protection method thereof, relating to the field of fusion gateways. The dual system comprises a gateway system and a set-top box system, wherein both the gateway system and the set-top box system comprise system communication modules, and the system communication modules realize communication between the gateway system and the set-top box system according to an agreed message format or rule; the gateway system is provided with an independent CPU and a Linux operating system, and is used for completing network access, networking, message transmission and IP address distribution; when a system communication module of the gateway system receives an external system request to modify the gateway configuration, firstly, identity verification is carried out, and the gateway configuration is modified after the identity verification is passed; the set top box system is provided with an independent CPU and an Android operating system, equipment information and a configuration interface are displayed to a user through video output, and when the user needs to configure the gateway system, operation is carried out through the configuration interface. The invention can effectively improve the safety of dual-system communication.
Description
Technical Field
The invention relates to the field of convergence gateways, in particular to a convergence gateway dual system and a communication safety protection method thereof.
Background
With the development of broadband speed-up and video services of telecom operators, demands for two devices, namely a gateway and a network set top box, are met in hotels, shops, supermarkets, small and medium-sized enterprises and the like. A fused gateway comes from the beginning, and the requirements of user gateway services and network set top box video services are met.
the fusion type gateway generally comprises a gateway based on a Linux system and a set top box based on an Android system. The user or the maintenance personnel need to configure the gateway system through the set-top box system, and at the moment, dual-system communication is needed. Typically, such a converged gateway dual system communication is based on a network connection, and the set-top box system transmits a configuration command to the gateway system via the network. Theoretically, other terminal devices connected to the convergence gateway also have the ability to communicate with the gateway system in the convergence gateway and configure the gateway. If the configuration function of the convergence gateway is exposed to all the terminal devices connected to the device, security problems such as misconfiguration, incorrect operation of the device and the like occur. How to protect the security of communication, thereby ensuring that the configuration of the device is not changed at will, is a problem to be solved urgently at present.
Disclosure of Invention
the invention aims to overcome the defects of the background technology and provide a fusion gateway dual system and a communication security protection method thereof, which can effectively improve the security of dual system communication.
the invention provides a convergence gateway dual system, which comprises a gateway system and a set top box system, wherein the gateway system and the set top box system both comprise system communication modules, and the system communication modules are connected based on a network and realize communication between the gateway system and the set top box system according to an agreed message format or rule;
The gateway system is provided with an independent CPU and a Linux operating system, and is used for completing network access, networking, message transmission and IP address distribution; when a system communication module of the gateway system receives an external system request to modify the gateway configuration, firstly, identity verification is carried out, and the gateway configuration is modified after the identity verification is passed;
The set top box system is provided with an independent CPU and an Android operating system, equipment information and a configuration interface are displayed to a user through video output, and when the user needs to configure the gateway system, operation is carried out through the configuration interface;
The communication flow between the gateway system and the set-top box system is as follows:
Establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
when the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
if the content of the message is a request for connecting a gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the equipment, the public key of the gateway system is used for verifying the signed MAC address, if the MAC address is correct, connection is allowed, and the MAC address is added to be a white list; if not, not allowing connection and discarding the message;
if the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
on the basis of the technical scheme, the blacklist is default empty.
On the basis of the technical scheme, the communication IP is a gateway management IP.
On the basis of the technical scheme, the physical port of the set-top box system is fixedly connected with the gateway system, and if the MAC address and the physical port of the set-top box system correspond to each other, the set-top box system comes from the configuration command of the set-top box system.
The invention also provides a communication security protection method of the fusion gateway dual system, which comprises the following steps:
Establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
when the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
If the content of the message is a request for connecting a gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the equipment, the public key of the gateway system is used for verifying the signed MAC address, if the MAC address is correct, connection is allowed, and the MAC address is added to be a white list; if not, not allowing connection and discarding the message;
If the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
On the basis of the technical scheme, the blacklist is default empty.
On the basis of the technical scheme, the communication IP is a gateway management IP.
on the basis of the technical scheme, the physical port of the set-top box system is fixedly connected with the gateway system, and if the MAC address and the physical port of the set-top box system correspond to each other, the set-top box system comes from the configuration command of the set-top box system.
Compared with the prior art, the invention has the following advantages:
(1) The fusion gateway dual system comprises a gateway system and a set-top box system, wherein both the gateway system and the set-top box system comprise system communication modules, and the system communication modules are connected based on a network and realize communication between the gateway system and the set-top box system according to an agreed message format or rule; the gateway system is provided with an independent CPU and a Linux operating system, and is used for completing network access, networking, message transmission and IP address distribution; when a system communication module of the gateway system receives an external system request to modify the gateway configuration, firstly, identity verification is carried out, and the gateway configuration is modified after the identity verification is passed; the set top box system is provided with an independent CPU and an Android operating system, equipment information and a configuration interface are displayed to a user through video output, and when the user needs to configure the gateway system, operation is carried out through the configuration interface;
The communication flow between the gateway system and the set-top box system is as follows:
Establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
When the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
if the content of the message is a request for connecting a gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the equipment, the public key of the gateway system is used for verifying the signed MAC address, if the MAC address is correct, connection is allowed, and the MAC address is added to be a white list; if not, not allowing connection and discarding the message;
if the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
In the invention, the configuration modification command from the illegal identity is rejected by the gateway system, so that the safety of dual-system communication can be effectively improved.
(2) when connection is requested for the first time, the MAC signature of the external equipment is verified through the private key of the set top box system and the public key of the gateway system, so that the identity recognition capability can be enhanced, and the security of the dual-system configuration of the fusion gateway is improved.
(3) The invention uses one MAC address pool to manage the identity, allows the addition and deletion of the legal identity, and can regulate and control the legal identity.
(4) After the illegal identity is refused to be modified, the equipment can refuse to carry out network connection with the equipment, so that continuous malicious attack to the dual system of the convergence gateway by other equipment can be prevented, and the safety of the equipment can be enhanced.
drawings
Fig. 1 is a block diagram of a convergence gateway dual system in the embodiment of the present invention.
fig. 2 is a flowchart of a communication security protection method for a converged gateway dual system in an embodiment of the present invention.
Detailed Description
the invention is described in further detail below with reference to the figures and the embodiments.
referring to fig. 1, an embodiment of the present invention provides a convergence gateway dual system, where the convergence gateway dual system includes a gateway system and a set-top box system, both the gateway system and the set-top box system include system communication modules, and the system communication modules are connected based on a network and implement communication between the gateway system and the set-top box system according to an agreed message format or rule;
The gateway system is provided with an independent CPU and a Linux operating system, and is used for completing network access, networking, message transmission and IP address distribution; when a system communication module of the gateway system receives an external system request to modify the gateway configuration, firstly, identity verification is carried out, and the gateway configuration is modified after the identity verification is passed;
the set top box system is provided with an independent CPU and an Android operating system, equipment information and a configuration interface are displayed to a user through video output, and when the user needs to configure the gateway system, operation is carried out through the configuration interface;
the communication flow between the gateway system and the set-top box system is as follows:
establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
When the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
If the content of the message is a request for connecting a gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the equipment, the public key of the gateway system is used for verifying the signed MAC address, if the MAC address is correct, connection is allowed, and the MAC address is added to be a white list; if not, not allowing connection and discarding the message;
If the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
referring to fig. 2, an embodiment of the present invention further provides a communication security protection method for the converged gateway dual system, including the following steps:
Establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
When the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
if the content of the message is a request for connecting a gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the equipment, the public key of the gateway system is used for verifying the signed MAC address, if the MAC address is correct, connection is allowed, and the MAC address is added to be a white list; if not, not allowing connection and discarding the message;
if the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
the black list defaults to null for reasons: the communication IP is typically a gateway management IP and the purpose of the connection is not just to change the configuration.
Since the set-top box MAC address needs to be exposed on the device tag, a special judgment is needed to make modifications to the gateway to prevent the dangerous device from disguising the set-top box MAC address.
The physical port of the set-top box system is fixedly connected with the gateway system, and if the MAC address and the physical port of the set-top box system correspond to each other, the set-top box system is originated from the configuration command of the set-top box system.
the principle of the embodiment of the invention is elaborated as follows:
The technical problem to be solved by the embodiments of the present invention is that a gateway side system of a convergence gateway can identify the source of a configuration command, reject the configuration of an illegal identity, and accept only the configuration of a legal identity, so as to implement the above functions and solve the following problems:
firstly, a set of discrimination basis for identifying legal identity and non-legal identity by a gateway system in a converged gateway is established.
Secondly, when the gateway system requests to connect, a first path of identity recognition is formed by adopting an agreed safety recognition method.
thirdly, when the convergence gateway receives the command for changing the configuration, the identity of the source of the command is identified to form a second identity identification, the legal identity is allowed to be modified, the illegal identity is not allowed to be modified, and the connection request of the illegal identity can be refused in the later period.
And fourthly, the set-top box system in the default fusion gateway is a legal user, and the set-top box system is allowed to manage the identity of the legal user and can be added or deleted.
in order to solve the technical problem, the embodiment of the invention adopts the following scheme:
because the MAC address of the device is unique and fixed, in the embodiment of the present invention, the MAC address is used as the identifier of the device identity, a MAC address pool is first established in the gateway system of the converged gateway dual system, and the device in the MAC address pool is considered to have a legal identity for configuring the gateway, i.e., a white list. During production and manufacturing, the MAC of the convergence gateway is written according to a certain rule and hop count, so that the MAC address of the set-top box system can be easily calculated. And the MAC address of the set-top box system of the fusion gateway dual system is added into a white list by default, and the default is that the slave set-top box system is a legal identity. In order to prevent the external device from falsely attacking the set-top box system MAC address, when the gateway system receives the configuration command, if the configuration command is judged to be the set-top box system MAC, the physical connection port needs to be further judged. And if the MAC of the set-top box system corresponds to the physical connection port, the configuration is allowed.
If the external device is connected to the gateway for the first time and the gateway configuration authority needs to be obtained, a secret key (private key) needs to be obtained from the set-top box system before network connection. And signing the MAC of the gateway system by a private key, and sending a signed result to the gateway system. The gateway system adopts the public key to carry out verification. And adding the white list after the verification is passed, and adding the black list when the verification is not passed. Judging whether the external device is connected for the first time can adopt judging whether the MAC address of the device is in a white list or a black list, and if not, judging that the device is connected for the first time. There are many methods for obtaining the private key from the set-top box system, for example: the device may scan the two-dimensional code or send an http request, etc. The method how to obtain the private key from the set-top box is many, and which method is adopted is irrelevant to the embodiment of the invention and is not described again.
When a gateway system fusing gateway dual systems receives a configuration change command, the identity recognition of a command source is added, firstly, the MAC address of the command source is detected and matched with a legal identity MAC address pool, if the source MAC address is in the legal identity MAC address pool (white list), the identity is proved to be legal, and the configuration change is allowed; otherwise, the identity is illegal, the configuration command is discarded, and an illegal MAC address (blacklist) is recorded. And if the MAC address equipment with illegal identity requests to carry out network connection with the gateway in the later period, connection can be refused.
in order to facilitate other devices to configure the gateway system fusing the gateway dual systems, the MAC address pool serving as the legal identity can be added or deleted. In order to ensure the safety, the function of the MAC address pool is maintained and can be only modified by the set top box system of the convergence gateway.
Various modifications and variations of the embodiments of the present invention may be made by those skilled in the art, and they are also within the scope of the present invention, provided they are within the scope of the claims of the present invention and their equivalents.
what is not described in detail in the specification is prior art that is well known to those skilled in the art.
Claims (8)
1. A converged gateway dual system, comprising: the convergence gateway dual system comprises a gateway system and a set-top box system, wherein both the gateway system and the set-top box system comprise system communication modules, and the system communication modules are connected based on a network and realize communication between the gateway system and the set-top box system according to an agreed message format or rule;
The gateway system is provided with an independent CPU and a Linux operating system, and is used for completing network access, networking, message transmission and IP address distribution; when a system communication module of the gateway system receives an external system request to modify the gateway configuration, firstly, identity verification is carried out, and the gateway configuration is modified after the identity verification is passed;
the set top box system is provided with an independent CPU and an Android operating system, equipment information and a configuration interface are displayed to a user through video output, and when the user needs to configure the gateway system, operation is carried out through the configuration interface;
The communication flow between the gateway system and the set-top box system is as follows:
establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
When the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
If the content of the message is a request for connecting the gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the external equipment, the public key of the gateway system is used for verifying the signed MAC address, if the content is correct, connection is allowed, and the MAC address is added into a white list; if not, not allowing connection and discarding the message;
If the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
2. The converged gateway dual system of claim 1, wherein: the blacklist is empty by default.
3. The converged gateway dual system of claim 1, wherein: the communication IP is a gateway management IP.
4. the converged gateway dual system of claim 1, wherein: and if the MAC address and the physical port of the set-top box system correspond to each other, allowing a command from the set-top box system for configuring the gateway system to be executed.
5. A communication security protection method applied to the converged gateway dual system of claim 1, comprising the following steps:
establishing a legal identity MAC address pool of the configurable gateway to form a white list; adding the MAC address of the set-top box system into a white list according to the hop count of the MAC address during production;
when the external equipment is connected with the communication IP of the converged gateway dual system, judging whether the MAC address of the external equipment belongs to a blacklist, and if the MAC address belongs to the blacklist, rejecting connection; if the MAC address is not in the blacklist, judging whether the content of the message is a command for requesting to connect the gateway system or configuring the gateway system;
if the content of the message is a request for connecting the gateway system, a set-top box system secret key is requested, the set-top box system secret key is a private key, the private key is used for signing the MAC address of the external equipment, the public key of the gateway system is used for verifying the signed MAC address, if the content is correct, connection is allowed, and the MAC address is added into a white list; if not, not allowing connection and discarding the message;
If the content of the message is a command for configuring the gateway system, the gateway system inquires the MAC address of the message source, judges whether the message is in a white list or not, if the message is not in the white list, the message is considered to be illegally changed, modification is refused, and the MAC address is added into a black list; if the MAC address is in the white list, judging whether the MAC address is the MAC address of the set-top box, and if the MAC address is not the MAC address of the set-top box, allowing the configuration of the gateway system to be modified; if the set top box is the MAC address of the set top box, further judging whether the physical port is the physical port of the set top box system, and if the physical port is the set top box port, modifying the configuration of the gateway system; otherwise, the message is discarded.
6. the communication security protection method for converged gateway dual systems according to claim 5, wherein: the blacklist is empty by default.
7. The communication security protection method for converged gateway dual systems according to claim 5, wherein: the communication IP is a gateway management IP.
8. the communication security protection method for converged gateway dual systems according to claim 5, wherein: and if the MAC address and the physical port of the set-top box system correspond to each other, allowing a command from the set-top box system for configuring the gateway system to be executed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711406232.7A CN107864162B (en) | 2017-12-22 | 2017-12-22 | fusion gateway dual system and communication safety protection method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711406232.7A CN107864162B (en) | 2017-12-22 | 2017-12-22 | fusion gateway dual system and communication safety protection method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107864162A CN107864162A (en) | 2018-03-30 |
CN107864162B true CN107864162B (en) | 2019-12-17 |
Family
ID=61707087
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711406232.7A Active CN107864162B (en) | 2017-12-22 | 2017-12-22 | fusion gateway dual system and communication safety protection method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107864162B (en) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108833979B (en) * | 2018-05-04 | 2020-12-08 | 烽火通信科技股份有限公司 | Pre-configuration file importing method of dual-system convergence terminal and dual-system convergence terminal |
CN109040165B (en) * | 2018-05-28 | 2021-05-07 | 烽火通信科技股份有限公司 | System and method for integrating heterogeneous platform communication on intelligent gateway |
CN109586958B (en) * | 2018-11-23 | 2021-08-10 | 青岛海信宽带多媒体技术有限公司 | Configuration management method for dual-system device and dual-system device |
CN109819064B (en) * | 2019-01-29 | 2021-11-23 | 广州视源电子科技股份有限公司 | Method for communication between modules, operating system module and conference panel |
CN110347442B (en) * | 2019-06-28 | 2020-09-22 | 烽火通信科技股份有限公司 | Intelligent plug-in operation method and system based on fusion terminal |
CN110611611B (en) * | 2019-09-26 | 2021-03-26 | 四川天邑康和通信股份有限公司 | Web security access method for home gateway |
CN115460030B (en) * | 2022-08-03 | 2024-01-26 | 深圳市华迅光通信有限公司 | Fusion gateway, data processing method and device thereof and readable storage medium |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6765931B1 (en) * | 1999-04-13 | 2004-07-20 | Broadcom Corporation | Gateway with voice |
CN101478764A (en) * | 2009-02-09 | 2009-07-08 | 华南理工大学 | Digital household gateway reconfigurable system and method thereof |
CN101686266A (en) * | 2008-09-24 | 2010-03-31 | 华为技术有限公司 | Method and network equipment for acquiring management address by wireless access equipment |
CN101860771A (en) * | 2010-06-02 | 2010-10-13 | 中兴通讯股份有限公司 | Home gateway identifying and networking method and system |
CN102164317A (en) * | 2011-02-14 | 2011-08-24 | 上海高智科技发展有限公司 | Internet protocol (IP) set-top box-oriented multi-server segmented downloading system |
CN104065534A (en) * | 2014-06-30 | 2014-09-24 | 上海斐讯数据通信技术有限公司 | Test system and test method for router blacklist adding by mobile terminal |
CN104883361A (en) * | 2015-05-07 | 2015-09-02 | 深圳市共进电子股份有限公司 | Wireless access client authentication management method and wireless gateway |
CN106936946A (en) * | 2017-05-10 | 2017-07-07 | 烽火通信科技股份有限公司 | A kind of utilization Convergence gateway realizes the system and method for network traversal |
CN107295606A (en) * | 2017-06-30 | 2017-10-24 | 北京小米移动软件有限公司 | Method for connecting network, device and user equipment |
CN107395571A (en) * | 2017-06-28 | 2017-11-24 | 上海斐讯数据通信技术有限公司 | A kind of router login management method and system based on MAC Address |
-
2017
- 2017-12-22 CN CN201711406232.7A patent/CN107864162B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6765931B1 (en) * | 1999-04-13 | 2004-07-20 | Broadcom Corporation | Gateway with voice |
CN101686266A (en) * | 2008-09-24 | 2010-03-31 | 华为技术有限公司 | Method and network equipment for acquiring management address by wireless access equipment |
CN101478764A (en) * | 2009-02-09 | 2009-07-08 | 华南理工大学 | Digital household gateway reconfigurable system and method thereof |
CN101860771A (en) * | 2010-06-02 | 2010-10-13 | 中兴通讯股份有限公司 | Home gateway identifying and networking method and system |
CN102164317A (en) * | 2011-02-14 | 2011-08-24 | 上海高智科技发展有限公司 | Internet protocol (IP) set-top box-oriented multi-server segmented downloading system |
CN104065534A (en) * | 2014-06-30 | 2014-09-24 | 上海斐讯数据通信技术有限公司 | Test system and test method for router blacklist adding by mobile terminal |
CN104883361A (en) * | 2015-05-07 | 2015-09-02 | 深圳市共进电子股份有限公司 | Wireless access client authentication management method and wireless gateway |
CN106936946A (en) * | 2017-05-10 | 2017-07-07 | 烽火通信科技股份有限公司 | A kind of utilization Convergence gateway realizes the system and method for network traversal |
CN107395571A (en) * | 2017-06-28 | 2017-11-24 | 上海斐讯数据通信技术有限公司 | A kind of router login management method and system based on MAC Address |
CN107295606A (en) * | 2017-06-30 | 2017-10-24 | 北京小米移动软件有限公司 | Method for connecting network, device and user equipment |
Also Published As
Publication number | Publication date |
---|---|
CN107864162A (en) | 2018-03-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107864162B (en) | fusion gateway dual system and communication safety protection method thereof | |
CN101867530B (en) | Things-internet gateway system based on virtual machine and data interactive method | |
CN104639624B (en) | A kind of method and apparatus for realizing mobile terminal remote access control | |
CN102724175B (en) | The telecommunication safety management framework of ubiquitous green community net control and method | |
CN102413224B (en) | Methods, systems and equipment for binding and running security digital card | |
CN107222433A (en) | A kind of access control method and system based on SDN path | |
CN108512862A (en) | Internet-of-things terminal safety certification control platform based on no certificates identified authentication techniques | |
CN105915550B (en) | A kind of Portal/Radius authentication method based on SDN | |
CN107026874A (en) | One kind instruction signature and verification method and system | |
WO2017012142A1 (en) | Dual-connection security communication method and apparatus | |
CN115378625B (en) | Cross-network information security interaction method and system | |
CN106685775A (en) | Self-inspection type invasion prevention method and system for intelligent household electrical appliance | |
CN114143068A (en) | Electric power internet of things gateway equipment container safety protection system and method thereof | |
CN113473458A (en) | Equipment access method, data transmission method and computer readable storage medium | |
CN105577705B (en) | For the safety protecting method and system of IEC60870-5-104 agreements | |
CN102185867A (en) | Method for realizing network security and star network | |
US8606228B2 (en) | Method, user network equipment and management system thereof for secure data transmission | |
EP2905940A1 (en) | Network element authentication in communication networks | |
CN105847234A (en) | Suspicious terminal access pre-warning method, gateway management platform and gateway device | |
CN106358188B (en) | A kind of link switch-over method, apparatus and system | |
CN105873035A (en) | Safe AP (access point) information processing method | |
CN107979821B (en) | Method and device for processing illegal No.7 signaling | |
CN115604862A (en) | Video streaming transmission method and system | |
CN108712398A (en) | Port authentication method, server, interchanger and the storage medium of certificate server | |
CN111585972B (en) | Security protection method and device for gatekeeper and network system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |